[Openstack-operators] [openstack] [Octavia] unable to contact instance

Wed, 29 Jun 2016 16:16:53 -0700 

Hi all,

We are in the process of configuring the octavia lbaasv2 service.
On our mitaka environment we are using neutron dvr with openvswitch.  We have 
multiple controllers (3 to be exact).
We're following 
https://github.com/openstack/octavia/blob/stable/mitaka/devstack/plugin.sh as a 
guide.

After creating a load balancer, the amphora instance is booted.  It receives 
ips in the lb-net and the private network.

The octavia-worker log show:
DEBUG octavia.amphorae.drivers.haproxy.rest_api_driver [-] request url 
plug/vip/192.168.1.126 request 
/octavia/octavia/amphorae/drivers/haproxy/rest_api_driver.py:218
DEBUG octavia.amphorae.drivers.haproxy.rest_api_driver [-] request url 
https://192.168.246.11:9443/0.5/plug/vip/192.168.1.126 request 
/octavia/octavia/amphorae/drivers/haproxy/rest_api_driver.py:221
WARNING octavia.amphorae.drivers.haproxy.rest_api_driver [-] Could not connect 
to instance. Retrying.
WARNING octavia.amphorae.drivers.haproxy.rest_api_driver [-] Could not connect 
to instance. Retrying.
etc...

I can ping the amphora instance on the lb-net; not on the private net as it has 
not received the request to activate the second interface.  I can ssh into the 
amphora instance from the lb-net namespace.
The amphora agent is running inside the amphora instance and listening on port 
9443, the correct sec group is attached to the amphora instance so that should 
not be an issue.

Also we can see in dmesg :
[216682.378571] BLOCKED OUTPUT : IN= OUT=eth0 SRC=1.2.3.4 DST=192.168.246.11 
LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=19651 DF PROTO=TCP SPT=34464 DPT=9443 
WINDOW=29200 RES=0x00 SYN URGP=0

We can see the worker trying to contact the amphora instance
octavia-w 31502 octavia   13u  IPv4 27647551      0t0  TCP 
1.2.3.4:35304->192.168.246.11:9443 (SYN_SENT)

Do the octavia processes try to contact the amphora instance directly at it's 
lb-net ip? Not through a namespace?
For this to work, do we need to configure the health manager ports as described 
here: 
https://github.com/openstack/octavia/blob/stable/mitaka/devstack/plugin.sh#L123
Or setup some iptables rules or routes?

Kind regards
Joris S'heeren

--

_______________________________________________
OpenStack-operators mailing list
OpenStack-operators@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators

Reply via email to